Skip to content

Commit 4a94b8e

Browse files
committed
Create tags on GitHub using API
To allow for signed tags to be created, rather than use the git CLI to push tags, manually push each tag using the GitHub API, which will sign the tag using the built-in GitHub GPG key.
1 parent 31ff97e commit 4a94b8e

2 files changed

Lines changed: 22 additions & 16 deletions

File tree

src/gitUtils.ts

Lines changed: 0 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -29,10 +29,6 @@ export const push = async (
2929
);
3030
};
3131

32-
export const pushTags = async () => {
33-
await exec("git", ["push", "origin", "--tags"]);
34-
};
35-
3632
export const switchToMaybeExistingBranch = async (branch: string) => {
3733
let { stderr } = await getExecOutput("git", ["checkout", branch], {
3834
ignoreReturnCode: true,

src/run.ts

Lines changed: 22 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -130,8 +130,6 @@ export async function runPublish({
130130
{ cwd }
131131
);
132132

133-
await gitUtils.pushTags();
134-
135133
let { packages, tool } = await getPackages(cwd);
136134
let releasedPackages: Package[] = [];
137135

@@ -157,12 +155,19 @@ export async function runPublish({
157155

158156
if (createGithubReleases) {
159157
await Promise.all(
160-
releasedPackages.map((pkg) =>
161-
createRelease(octokit, {
162-
pkg,
163-
tagName: `${pkg.packageJson.name}@${pkg.packageJson.version}`,
164-
})
165-
)
158+
releasedPackages.map(async (pkg) => {
159+
const tagName = `${pkg.packageJson.name}@${pkg.packageJson.version}`;
160+
// Tag will only be created locally,
161+
// Create it using the GitHub API so it's signed.
162+
await octokit.rest.git.createRef({
163+
...github.context.repo,
164+
ref: `refs/tags/${tagName}`,
165+
sha: github.context.sha,
166+
});
167+
if (createGithubReleases) {
168+
await createRelease(octokit, { pkg, tagName });
169+
}
170+
})
166171
);
167172
}
168173
} else {
@@ -180,11 +185,16 @@ export async function runPublish({
180185

181186
if (match) {
182187
releasedPackages.push(pkg);
188+
const tagName = `v${pkg.packageJson.version}`;
189+
// Tag will only be created locally,
190+
// Create it using the GitHub API so it's signed.
191+
await octokit.rest.git.createRef({
192+
...github.context.repo,
193+
ref: `refs/tags/${tagName}`,
194+
sha: github.context.sha,
195+
});
183196
if (createGithubReleases) {
184-
await createRelease(octokit, {
185-
pkg,
186-
tagName: `v${pkg.packageJson.version}`,
187-
});
197+
await createRelease(octokit, { pkg, tagName });
188198
}
189199
break;
190200
}

0 commit comments

Comments
 (0)